Google Git
Sign in
boringssl/boringssl.git/49ec9bb3533ae8ba2d3e98d03e691c3f82360b56^!/.
commit
49ec9bb3533ae8ba2d3e98d03e691c3f82360b56
[log]
author
David Benjamin <davidben@google.com>
Thu Jul 14 00:11:26 2016 -0400
committer
David Benjamin <davidben@google.com>
Thu Jul 14 16:14:11 2016 +0000
tree
ed2ce8b8c624c890908635c7792f1ffcfe61a2f2
parent
5c900c8c4555a9de24c07a5d544b5f6aebb39252 [diff]
Fix ssl3_get_cert_verify key type checks.

EVP_PKT_SIGN is redundant with the RSA/EC check which, in turn, is
redundant with sigalgs processing. The type need only be checked in the
pre-1.2 case which was indeed missing an else.

The client half was likewise missing an else, though it's unreachable
due to leaf cert checks.

Change-Id: Ib3550f71a2120b38eacdd671d4f1700876bcc485
Reviewed-on: https://boringssl-review.googlesource.com/8779
Reviewed-by: David Benjamin <davidben@google.com>

diff --git a/ssl/handshake_client.c b/ssl/handshake_client.c
index 267e164..34681d3 100644
--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c

@@ -1269,6 +1269,10 @@
       signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
     } else if (pkey->type == EVP_PKEY_EC) {
       signature_algorithm = SSL_SIGN_ECDSA_SHA1;
+    } else {
+      al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+      OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+      goto f_err;
     }
 
     /* The last field in |server_key_exchange| is the signature. */

diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c
index 96b8623..fbf935d 100644
--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c

@@ -1631,12 +1631,6 @@
   if (pkey == NULL) {
     goto err;
   }
-  if (!(X509_certificate_type(peer, pkey) & EVP_PKT_SIGN) ||
-      (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_EC)) {
-    al = SSL_AD_UNSUPPORTED_CERTIFICATE;
-    OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
-    goto f_err;
-  }
 
   CBS_init(&certificate_verify, ssl->init_msg, ssl->init_num);
 
@@ -1656,6 +1650,10 @@
     signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
   } else if (pkey->type == EVP_PKEY_EC) {
     signature_algorithm = SSL_SIGN_ECDSA_SHA1;
+  } else {
+    al = SSL_AD_UNSUPPORTED_CERTIFICATE;
+    OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+    goto f_err;
   }
 
   /* Parse and verify the signature. */
@@ -1670,11 +1668,6 @@
   /* The SSL3 construction for CertificateVerify does not decompose into a
    * single final digest and signature, and must be special-cased. */
   if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
-    if (ssl->cert->key_method != NULL) {
-      OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY);
-      goto err;
-    }
-
     const EVP_MD *md;
     uint8_t digest[EVP_MAX_MD_SIZE];
     size_t digest_len;